ansible crash course
DESCRIPTION
Extra resources for the CodeMash 2014 PreCompilerTRANSCRIPT
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Ansible crash course
CodeMash 2014 - PreCompiler
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Ansible is…
• a radically simple IT orchestration engine that makes your applications and systems easier to deploy
• written in Python
• secure by using SSH for connections
• agent-less
• has AnsibleWorks as a backing company
• free, open source, & available on GitHub
!
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Installation$ sudo pip install paramiko PyYAML jinja2 $ git clone git://github.com/ansible/ansible.git $ cd ./ansible $ source ./hacking/env-setup"
$ sudo pip install ansible"
$ sudo yum install ansible"
$ sudo add-apt-repository ppa:rquillo/ansible $ sudo apt-get update $ sudo apt-get install ansible
From Source
!
Using PIP
Using yum
Using apt
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Playbooks
• Contains one or more “plays”
• Written in YAML
• Declare configuration
• YAML is not code
• Executed in the order it is written
• No dependency graph
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Install AWS command line tool
---"- name: Install AWS CLI" user: ubuntu" sudo: True" hosts: all" tasks:" - name: Install Python PIP" apt: pkg=python-pip state=latest"!
- name: Install AWS CLI" pip: name=awscli state=latest
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Install AWS command line tool
---"- name: Install AWS CLI" user: ubuntu" sudo: True" hosts: all" tasks:" - name: Install Python PIP" apt: pkg=python-pip state=latest"!
- name: Install AWS CLI" pip: name=awscli state=latest
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Install AWS command line tool
---"- name: Install AWS CLI" user: ubuntu" sudo: True" hosts: all" tasks:" - name: Install Python PIP" apt: pkg=python-pip state=latest"!
- name: Install AWS CLI" pip: name=awscli state=latest
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Inventory
• List of your hosts
• Grouped together
• Example hosts file:
/etc/ansible/hosts"![webservers]"foo.example.com"bar.example.com"![dbservers]"one.example.com"two.example.com"![california]"foo.example.com"one.example.com
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
EC2 inventory plugin
• AWS has an API which is always up-to-date
• Generate inventory off that, return JSON
• Group instances by:
• region and availability zone
• security groups
• tags
• keypairs
• more…
• Uses boto
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
boto
• Python library for AWS
• Written by Mitch Garnaat who was then hired by Amazon
• He also writes the new AWS CLI
• Multiple ways to supply it with AWS credentials
• Environment variables
• IAM Role
• .boto file
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
.boto file
[Credentials]
aws_access_key_id = AKIABCDEFGHIJKLM
aws_secret_access_key = duhke3pth15aSECr3t0R3153
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Install AWS command line tool
---"- name: Install AWS CLI" user: ubuntu" sudo: True" hosts: all" tasks:" - name: Install Python PIP" apt: pkg=python-pip state=latest"!
- name: Install AWS CLI" pip: name=awscli state=latest
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Install AWS command line tool
---"- name: Install AWS CLI" user: ubuntu" sudo: True" hosts: all" tasks:" - name: Install Python PIP" apt: pkg=python-pip state=latest"!
- name: Install AWS CLI" pip: name=awscli state=latest
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Install AWS command line tool
---"- name: Install AWS CLI" user: ubuntu" sudo: True" hosts: all" tasks:" - name: Install Python PIP" apt: pkg=python-pip state=latest"!
- name: Install AWS CLI" pip: name=awscli state=latest
Documentation
ModuleArguments
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Modulesaccelerate
add_host
apt
apt_key
apt_repository
arista_interface
assemble
async_status
authorized_key
bigip_pool
campfire
cloudformation
command
copy
cron
datadog_event
debug
digital_ocean
dnsmadeeasy
easy_install
ec2
ec2_ami
ec2_eip
ec2_elb
ec2_facts
ec2_group
ec2_tag
ec2_vol
facter
fail
fetch
file
filesystem
fireball
firewalld
flowdock
gem
get_url
git
glance_image
group
group_by
hg
hipchat
homebrew
host
htpasswd
ini_file
irc
jabber
lineinfile
linode
lvg
lvol
macports
modprobe
monit
mount
mqtt
mysql_db
mysql_user
nagios
netscaler
nova_compute
nova_keypair
npm
ohai
openbsd_pkg
opkg
osx_say
pacman
pagerduty
pause
ping
pingdom
pip
pkgin
pkgng
pkgutil
postgresql_db
raw
rax
rax_clb
rds
redis
rhn_channel
rhn_register
riak
route53
rpm_key
s3
script
selinux
service
set_fact
setup
shell
slurp
stat
subversion
supervisorctl
svr4pkg
sysctl
template
uri
user
virt
xattr
yum
zfs
zypper
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Modulesaccelerate
add_host
apt
apt_key
apt_repository
arista_interface
assemble
async_status
authorized_key
bigip_pool
campfire
cloudformation
command
copy
cron
datadog_event
debug
digital_ocean
dnsmadeeasy
easy_install
ec2
ec2_ami
ec2_eip
ec2_elb
ec2_facts
ec2_group
ec2_tag
ec2_vol
facter
fail
fetch
file
filesystem
fireball
firewalld
flowdock
gem
get_url
git
glance_image
group
group_by
hg
hipchat
homebrew
host
htpasswd
ini_file
irc
jabber
lineinfile
linode
lvg
lvol
macports
modprobe
monit
mount
mqtt
mysql_db
mysql_user
nagios
netscaler
nova_compute
nova_keypair
npm
ohai
openbsd_pkg
opkg
osx_say
pacman
pagerduty
pause
ping
pingdom
pip
pkgin
pkgng
pkgutil
postgresql_db
raw
rax
rax_clb
rds
redis
rhn_channel
rhn_register
riak
route53
rpm_key
s3
script
selinux
service
set_fact
setup
shell
slurp
stat
subversion
supervisorctl
svr4pkg
sysctl
template
uri
user
virt
xattr
yum
zfs
zypper
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Module Documentation
• Bookmark
• Star
• Tweet
• Take photo
• Write down now
http://www.ansibleworks.com/docs/modules.html
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Most used modules
• apt
• Add/Remove packages
• command
• Execute any shell command
• copy
• Copy a file from source to destination on host
• file
• Create directories, symlinks, change permissions
• service
• Start/Stop/Enable services
• template
• Copy, but with variable substitution in file
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Modules
• All modules are part of core
• No competing modules
• No abandoned modules
• All core modules are written in Python
• You can write custom modules in any language
• There is already helper code in Ruby
https://github.com/ansible/ansible-for-rubyists
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
DRY
• Includes
• Reuse lists of task
• Roles
• Reuse a set of tasks, files, variables and templates
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Includes---"
- name: Install AWS CLI"
user: ubuntu"
sudo: True"
hosts: all"
tasks:"
- include: install-aws-cli.yml"!!install-aws-cli.yml!- name: Install Python PIP"
apt: pkg=python-pip state=latest"
!- name: Install AWS CLI"
pip: name=awscli state=latest
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Roles---"- name: Set up web boxes" user: ubuntu" sudo: True" hosts: webservers" roles:" - base" - webserver"!!!!!!!!!
webservers.yml"dbservers.yml"roles/" base/" files/" templates/" tasks/" handlers/" vars/" meta/" webservers/" files/" templates/" tasks/" handlers/" vars/" meta/
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Conditions & Loops---"# Install everyone's favorite editors"!- name: Install editor packages (apt)" apt: pkg={{ item }} state=latest" with_items:" - emacs23-nox" - emacs23-el" - vim" when: ansible_distribution == 'Ubuntu'"!!- name: Install editors packages (yum)" yum: pkg={{ item }} state=latest" with_items:" - emacs" - emacs-el" - vim-enhanced" when: ansible_distribution == 'Amazon'
Peter Sankauskas@pas256
AnswersForAWS.com@Answers4AWS
Thanks
• Want more examples, check out the NetflixOSS Ansible Playbooks
• http://answersforaws.com/code/netflixoss/